Upon successfully authenticating a client device with a server system, the client device and server system share auto-reconnect data. Upon subsequently losing and re-establishing communications with the server system, the client sends an auto-authenticate request to the server. The auto-authenticate request includes a session verifier that is based at least in part on the shared auto-reconnect data. The server validates the session verifier. If the validation is successful, the server automatically re-authenticates the client device.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A server system programmed to perform actions comprising: authenticating a client device for a particular server session; sharing auto-reconnect data with the client device, the auto-reconnect data including a session ID associated with the particular server session and a first random number; after losing communications with the client device, sharing a second random number with the client device, and receiving from the client device the session ID and a session verifier that is derived at least in part from the first and second random numbers; validating the session verifier; upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session.
2. A server system as recited in claim 1, wherein said re-authenticating is performed without requesting user credentials.
3. A server system as recited in claim 1, wherein said sharing auto-reconnect data is performed through a secure data communications channel.
4. A server system as recited in claim 1, wherein automatically re-authenticating the client device for the particular server session includes automatically re-authenticating the client device based at least partially on the session ID.
5. A server system as recited in claim 1, wherein the session verifier comprises a one-way hash based at least in part on the first and second random numbers.
6. A server system as recited in claim 1, wherein said actions further comprise periodically changing at least a portion of the auto-reconnect data and sending at least said changed portion to the client device.
7. A server system as recited in claim 1, further comprising periodically changing the first random number and sending it to the client device.
8. A client device programmed to perform actions comprising: providing user credentials to a server system to authenticate the client device with the server system; initiating a server session on a server system, the server session being associated with the client device; sharing auto-reconnect data with the server system, the auto-reconnect data including a session ID and a first random number; after losing and re-establishing communications with the server system, sharing a second random number with the server system, and deriving a session verifier at least in part from the first and second random numbers; requesting automatic re-authentication by the server system without providing user credentials, wherein said requesting comprises sending the session ID and the session verifier to the server system.
9. A client device as recited in claim 8, wherein said actions further comprise periodically sharing a changed first random number with the server system.
10. A client device as recited in claim 8, wherein the auto-reconnect data is received from the server system.
11. A method comprising: establishing data communications between a client device and a server system; authenticating the client device for a particular server session; sharing auto-reconnect data between client device and the server system, the auto-reconnect data including a session ID associated with the particular server session and a first random number; re-establishing data communications between the client device and the server system after a communications failure; after re-establishing data communications, sharing a second random number between the client device and the server device; deriving a client session verifier at the client device at least in part from the first and second random numbers; providing the client session verifier and the session ID from the client device to the server system; deriving a server session verifier at the server system at least in part from the first and second random numbers; validating the client session verifier by comparing it to the server session verifier; upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session.
12. A method as recited in claim 11, wherein the client session verifier and server session verifier comprise a one-way hash based at least in part on the first and second random numbers.
13. A method as recited in claim 11, further comprising periodically changing at least a portion of the auto-reconnect data and sharing at least said changed portion between the client device and the server device.
14. A method as recited in claim 11, further comprising periodically changing the first random number and sharing it between the client device and the server device.
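The exchange recited in claims 11 to 14, sketched from both sides as an added example that is not part of the patent text. Assumptions: HMAC-SHA256 serves as the one-way hash, the server generates the second random number, random values are 32 bytes, and the names `Server`, `derive_verifier`, `challenge` and `rotate` are hypothetical.

```python
import hashlib
import hmac
import secrets


def derive_verifier(session_id: str, r1: bytes, r2: bytes) -> bytes:
    # Assumption: HMAC-SHA256 keyed with the first random number stands in for
    # the claims' "one-way hash based at least in part on" both random numbers.
    return hmac.new(r1, r2 + session_id.encode(), hashlib.sha256).digest()


class Server:
    def __init__(self):
        self.first = {}    # session ID -> first random number
        self.pending = {}  # session ID -> outstanding second random number

    def authenticate(self, user: str, password: str):
        # Credential check elided (constructed); happens once per session.
        session_id = secrets.token_hex(8)
        return session_id, self.rotate(session_id)  # auto-reconnect data

    def rotate(self, session_id: str) -> bytes:
        # Claims 7 and 14: change the first random number, send it to the client.
        self.first[session_id] = secrets.token_bytes(32)
        return self.first[session_id]

    def challenge(self, session_id: str) -> bytes:
        # After communications are re-established: fresh second random number.
        self.pending[session_id] = secrets.token_bytes(32)
        return self.pending[session_id]

    def auto_reauthenticate(self, session_id: str, verifier: bytes) -> bool:
        r1 = self.first.get(session_id)
        r2 = self.pending.pop(session_id, None)  # single use, so replays fail
        if r1 is None or r2 is None:
            return False
        expected = derive_verifier(session_id, r1, r2)
        return hmac.compare_digest(expected, verifier)  # constant-time compare


def demo():
    server = Server()
    sid, r1 = server.authenticate("alice", "constructed-password")
    r2 = server.challenge(sid)               # link dropped and came back
    verifier = derive_verifier(sid, r1, r2)  # computed on the client
    first_try = server.auto_reauthenticate(sid, verifier)
    server.challenge(sid)                    # a later reconnect attempt
    replayed = server.auto_reauthenticate(sid, verifier)  # old verifier reused
    return first_try, replayed
```

Because the verifier depends on a second random number that is fresh for each reconnect, a verifier captured from one reconnect does not validate on the next, and rotating the first random number invalidates auto-reconnect data held by a stale client.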
January 25, 2006
January 6, 2009